Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: 11urXy8tnTGZNX3jl61gkdExy7NrkuDsoTQsI5pI1QY=
Subject key identifier: FC:D3:DC:7F:E2:C7:BA:77:A2:07:AF:01:F5:9B:29:3A:C4:A9:4A:9C
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 0196786832678BE51A0F68F7851C98F570FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 04F8
Signing time: Sun 27 Apr 2025 18:00:16 +0000
Manifest this update: Sun 27 Apr 2025 18:00:16 +0000
Manifest next update: Mon 28 Apr 2025 18:00:16 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: anKWZakuHTs2UHEn02XcbOBTT9TJqKuHp3AfpzH5N+0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:68:32:67:8b:e5:1a:0f:68:f7:85:1c:98:f5:70:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Apr 27 18:00:16 2025 GMT
Not After : Apr 28 18:00:16 2025 GMT
Subject: CN=fcd3dc7fe2c7ba77a207af01f59b293ac4a94a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ab:e7:ca:f0:3f:70:9d:87:ce:51:27:5e:c5:
8c:97:e5:30:88:99:01:b0:b3:7a:16:be:3e:d4:89:
f0:36:3f:60:51:08:09:08:9b:5b:de:9e:fe:76:a1:
7f:02:7d:a0:50:82:8e:71:50:41:37:7c:85:ab:08:
e1:89:f5:98:42:78:ab:e4:70:b7:52:78:41:36:1a:
7b:41:a3:09:80:ba:f4:c4:d7:ea:af:a6:15:f3:b4:
d7:eb:01:af:ad:c8:42:14:47:c9:4f:df:11:93:97:
3f:cf:f9:f9:8d:7d:8a:08:62:04:30:ff:1d:fa:8e:
8e:da:47:7f:07:a4:10:48:75:6c:21:83:04:9b:39:
f3:75:1c:77:c1:e4:41:ad:b4:f1:25:ba:db:1d:9f:
22:92:fb:af:e3:c9:16:e0:89:a4:3c:d3:61:3e:af:
6f:bb:21:ff:c6:4d:74:df:c2:9c:9a:c7:9b:47:f2:
a4:f0:69:f4:46:ac:50:9e:ca:48:4c:ca:a1:68:f4:
20:63:7c:d6:9c:79:55:94:5a:12:8d:35:df:c9:cf:
b7:d8:4e:40:0f:d5:6a:f7:2c:fa:42:81:f1:51:93:
24:15:ee:8c:1a:50:00:36:4e:b8:26:a5:99:81:51:
97:d9:fd:d3:f0:49:be:08:2d:d1:3b:fe:39:6d:90:
0d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D3:DC:7F:E2:C7:BA:77:A2:07:AF:01:F5:9B:29:3A:C4:A9:4A:9C
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:f2:a9:2d:fb:6f:89:c6:1b:c1:f4:00:0a:de:ac:ab:44:9d:
7e:09:6f:1f:94:ee:20:e7:20:0b:a8:50:5a:6d:c7:f4:ad:65:
9b:fd:4d:b7:1c:35:74:58:af:08:69:ad:80:0b:07:39:d2:fc:
3d:a5:c2:21:0a:06:29:58:7c:20:96:ba:ca:1f:b5:25:db:33:
a8:74:20:ca:77:c3:17:86:eb:7f:53:d0:9b:34:c5:2c:03:60:
be:49:3b:fa:23:9f:0d:c6:df:82:c2:e8:0f:39:70:62:1f:27:
3a:44:c0:93:2d:51:99:b5:54:b9:9a:0b:f8:6d:10:54:19:9b:
65:a0:26:66:16:d2:28:5d:f9:95:61:0d:11:8c:a8:b2:bd:1b:
2b:b6:36:70:25:5d:0b:d6:92:05:c0:4a:61:6c:77:bc:d0:8b:
5e:d7:5d:99:98:aa:1d:11:ea:a2:b1:0b:e5:64:c8:9c:b8:ac:
3a:88:68:60:60:c8:20:49:53:0f:ce:2d:7e:27:4d:09:2d:1b:
6b:a1:d1:8c:2e:6f:40:ae:41:8e:6f:a9:4f:77:c7:ff:73:19:
2e:fb:02:96:df:a8:24:40:41:1a:8b:e8:2a:d6:a1:a7:16:97:
e1:cc:8f:7c:40:b8:72:a5:31:95:3c:a5:e5:c3:63:7f:4f:73:
0d:4d:d5:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aDJni+UaD2j3hRyY9XD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjUwNDI3MTgwMDE2WhcNMjUwNDI4MTgwMDE2WjAzMTEwLwYDVQQD
EyhmY2QzZGM3ZmUyYzdiYTc3YTIwN2FmMDFmNTliMjkzYWM0YTk0YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqvnyvA/cJ2HzlEnXsWMl+UwiJkB
sLN6Fr4+1InwNj9gUQgJCJtb3p7+dqF/An2gUIKOcVBBN3yFqwjhifWYQnir5HC3
UnhBNhp7QaMJgLr0xNfqr6YV87TX6wGvrchCFEfJT98Rk5c/z/n5jX2KCGIEMP8d
+o6O2kd/B6QQSHVsIYMEmznzdRx3weRBrbTxJbrbHZ8ikvuv48kW4ImkPNNhPq9v
uyH/xk1038KcmsebR/Kk8Gn0RqxQnspITMqhaPQgY3zWnHlVlFoSjTXfyc+32E5A
D9Vq9yz6QoHxUZMkFe6MGlAANk64JqWZgVGX2f3T8Em+CC3RO/45bZANFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzT3H/ix7p3ogevAfWbKTrEqUqcMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWPKpLftv
icYbwfQACt6sq0SdfglvH5TuIOcgC6hQWm3H9K1lm/1Ntxw1dFivCGmtgAsHOdL8
PaXCIQoGKVh8IJa6yh+1JdszqHQgynfDF4brf1PQmzTFLANgvkk7+iOfDcbfgsLo
DzlwYh8nOkTAky1RmbVUuZoL+G0QVBmbZaAmZhbSKF35lWENEYyosr0bK7Y2cCVd
C9aSBcBKYWx3vNCLXtddmZiqHRHqorEL5WTInLisOohoYGDIIElTD84tfidNCS0b
a6HRjC5vQK5Bjm+pT3fH/3MZLvsClt+oJEBBGovoKtahpxaX4cyPfEC4cqUxlTyl
5cNjf09zDU3VZw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:54:52 2025 by rpki-client